Menu
Reply
  • 46
  • 1
  • 1
lmacilroy
On our wavelength
52 Views
Message 31 of 34
Flag for a moderator

Re: Is VM blocking port forwarding attempts

@DreamOfCheese Urmmmmmmm I just did that and guess what. Ill bang my head on the wall shall I. I connected into the game client and for some reason the original server (ie the server on my dedi box) is NOW showing in the server list (not just the LAN list but also the internet server tab). I do know before it was NOT showing but now it is showing. Im still gonna try and ascertain why it wasnt working before compared to now as Id prefer to know why that is so. Ive not made any changes to that server and the settings in port forward are the same as before ie the protocol is set to both tcp/udp in the PF settings. Though I do have the lan ip set in the DMZ - I assume that by not having dmz set to its lan ip shouldnt make any difference. Im still unsure why it now shows as working now in comparison to whats been happening its not like Ive made a change to any settings today that would make any difference.

0 Kudos
Reply
  • 15.65K
  • 866
  • 5.82K
Superuser
Superuser
40 Views
Message 32 of 34
Flag for a moderator

Re: Is VM blocking port forwarding attempts

If you've got a device in the DMZ then you don't need port forwarding rules period.

The way the hub decides what to do with inbound packets is as follows

  1. Response to outbound packet - packet forwarded to LAN host the original packet came from.
  2. Unsolicited packet meets port forwarding rule criteria - packet forwarded according to rule.
  3. Unsolicited packet - DMZ active - packets forwarded to IP of device in DMZ
  4. Packet dropped.

Note:  I've been able to use this order to deal with people who've put their PS4's in the DMZ and then had warning letters regarding mDNS port 5353 being open to the internet at large (always a bad idea) by setting a port forwarding rule to an unused port.  So I am confident in the order the rules are applied (although they may not be complete)

So it's possible that the list of ports that you forwarded was not correct and that putting it in the DMZ has allowed the required packets to get through to the server anyway.

Tim

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 46
  • 1
  • 1
lmacilroy
On our wavelength
25 Views
Message 33 of 34
Flag for a moderator

Re: Is VM blocking port forwarding attempts

I will try to see if packets get forwarded to the port without DMZ being used. Like you I have the suspicion thats why packets are getting through to my machine. I will say that whilst Ive had these issues I did have DMZ enabled at times and I wasnt getting a response of any sort so makes me wonder why they would be getting through now even though Im not doing anything different. Ill test this theory out on my game client later with the server and see if disabling dmz still allows the packets to pass through.

0 Kudos
Reply
  • 15.65K
  • 866
  • 5.82K
Superuser
Superuser
16 Views
Message 34 of 34
Flag for a moderator

Re: Is VM blocking port forwarding attempts

I would like to share another way of testing whether UDP forwarding is working using a tool called Netcat.

While Microsoft have removed the tool from Windows one user has compiled a version of the open source code into a windows executable.  (Actually there's two versions, one with the -e switch compiled out as some anti virus solutions were flagging the other version as malware - it's not BTW, but if in doubt download the second version.

https://github.com/rsanchez-wsu/jfiles/wiki/Windows-10-Telnet-&-NetCat

With that in mind I opened up two CMD shells in windows.

Why 2?  Because one will act as a server and the other will act as a client.

On the first I type in the following command.

C:\Users\timdu>nc -ulp 2306

This sets up an instance of Netcat that listens for UDP packets on port 2306 (Note: that you can change the port number to test any of the ports needed for the game to work.

On the second I then set up a client connection using the command

C:\Users\timdu>nc -u 80.195.xxx.xxx 2306

Note: I've masked out the last two digits of my IP address.

This command sets up a client connection to port 2306 UDP Now If I type in some text into the second window

ncsend.PNG

 

And then press Enter the text is sent to the first Netcat process.

ncsend2.PNG

Likewise you can demonstrate packets going the other way by typing text into the first window (representing the server) although you do have to take into account that NAT will only allow responses from server to client for a limited time.  This is by design.  After all if the server doesn't purge the NAT table then it would end up being filled up with stale entries.

Please note that this is a consistently reliable way of testing UDP connections.in the same way that packet sender is as you can test any port that is not currently bound to a server (so you would need to shut down the Day-Z-Server to test the ports it's trying to use, but it can prove beyond a shadow of a doubt that your port forwarding rules are working.

Tim

 

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply